EP1404083A2 - Removable cryptographic ignition key system and method - Google Patents
Removable cryptographic ignition key system and method Download PDFInfo
- Publication number
- EP1404083A2 EP1404083A2 EP20030021332 EP03021332A EP1404083A2 EP 1404083 A2 EP1404083 A2 EP 1404083A2 EP 20030021332 EP20030021332 EP 20030021332 EP 03021332 A EP03021332 A EP 03021332A EP 1404083 A2 EP1404083 A2 EP 1404083A2
- Authority
- EP
- European Patent Office
- Prior art keywords
- processor
- cik
- removable
- distance
- secure operations
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
Definitions
- the present invention is generally related to cryptographic ignition keys (CIKs), and more specifically related to removable cryptographic ignition keys.
- processors such as laptop computers and programmable digital assistants (PDAs)
- PDAs programmable digital assistants
- a CIK facilitates the prevention of unauthorized access to a processor thus protecting internally stored information.
- secure operations are allowed.
- secure operations are disallowed.
- Examples of such situations include, a user leaving the room where the processor is located to take a short break (e.g., get a drink, smoke a cigarette, go to the bathroom), a user leaving a laptop computer on a chair at the airport, a user placing a laptop on the conveyer belt of an X-ray machine at an airport security checkpoint, or a soldier leaving a military handheld radio in the field.
- a short break e.g., get a drink, smoke a cigarette, go to the bathroom
- a user leaving a laptop computer on a chair at the airport a user placing a laptop on the conveyer belt of an X-ray machine at an airport security checkpoint, or a soldier leaving a military handheld radio in the field.
- An unauthorized user, stumbling upon, or intentionally taking, a processor having the CIK installed may wreak havoc with the secure information on the processor.
- An improved system and method for utilizing a CIK is desired.
- a system for conducting secure operations utilizing a removable cryptographic ignition key includes the removable CIK, a processor, and a proximity detector.
- the processor is configured to receive the removable CIK. Secure operations are enabled subsequent to receiving the removable CIK.
- the proximity detector is configured to determine a distance between the removable CIK and the processor. Secure operations are enabled while the removable CIK is within a predetermined distance of the processor, and secure operations are disabled when a distance between the removable CIK and the processor is greater than the predetermined distance.
- a method for conducting secure operations utilizing a removable cryptographic ignition key (CIK), a processor, and a proximity detector includes receiving the removable CIK by the processor, wherein secure operations are enabled subsequent to receipt of the removable CIK by the processor. It is determined if a distance between the removable CIK and the processor has exceeded a predetermined distance. Secure operations are enabled while said removable CIK is within the predetermined distance of the processor and secure operations are disabled when a distance between the removable CIK and the processor is greater than the predetermined distance.
- CIK removable cryptographic ignition key
- a removable, wireless, cryptographic ignition key provides a user the capability to conduct secure operations utilizing a processor as long as the CIK is within the vicinity of the processor, and not necessarily inserted into the processor.
- CIKs are known in the art, and typically have stored therein a password (or equivalent means) for unlocking the processor's secure operations capability.
- secure operations are enabled upon insertion of the CIK into the processor.
- Example processors include desktop computers, laptop computers, wireless telephones, handheld radios (e.g., military radios requiring secure communications), and personal digital assistants (PDAs).
- the CIK and the processor may be envisioned as coupled together by a tether (however, the coupling between the CIK and the processor is wireless), enabling secure operations while the CIK is within the vicinity of the processor. Once the CIK and the processor are not in the vicinity of each other, the tether is broken and secure operations are disabled. As described in more detail below, a signal conveyed between the removable CIK and the processor is analyzed to determine if a distance between the removable CIK and the processor are within a predetermined distance. As long as this signal is conveyed, secure operations are enabled. However, if this conveyed signal is interrupted and/or corrupted, secure operations are disabled.
- the user has the ability to manually disable secure operations (e.g., by interrupting the conveyed signal or sending a specific signal) regardless of the distance between the CIK and the processor. This capability is particularly advantageous in situations where unauthorized access is being attempted by force.
- a system for conducting secure operations utilizing a removable CIK are envisioned.
- the user inserts the CIK into the processor.
- Secure operations are enabled upon insertion of the CIK into the processor.
- the CIK may remain inserted in the processor while secure operations are conducted, or the user, at her discretion, may remove the CIK from the processor while continuing to conduct secure operations.
- the CIK and the processor are within a predetermined distance from each other, secure operations are enabled. However, if the predetermined distance between the removable CIK and the processor is exceeded (e.g., the user leaves the room, the user puts the processor on a moving belt on an X-ray machine at the airport, the processor is stolen), secure operations are disabled.
- Secure operations may be resumed, upon the CIK being inserted into the processor again.
- the user inserts the CIK into the processor and subsequently removes the CIK from the processor.
- Secure operations are enabled upon removal of the CIK from the processor.
- the user may not conduct secure operations until the CIK is removed from the processor.
- secure operations are enabled.
- the user may keep the CIK on her person, such as in her pocket or on a chain around her neck, for example.
- the user may manually disable secure operations or zeroize portions of the processor and/or the removable CIK from within the predetermined distance.
- Other embodiments, as described in more detail below, include various configurations of the system.
- the system 100 comprises a processor 14, the CIK 12 and a proximity detector 16.
- the CIK 12 is battery powered, capable of being removed from the processor 14, and wirelessly coupled to the processor 14.
- the CIK 12 allows conduction of secure operations (e.g., encrypt and decrypt communications) using the processor 14.
- secure operations e.g., encrypt and decrypt communications
- Various forms of the CIK 12 are envisioned.
- the CIK 12 may be in the form of a key card (e.g., smart card), a key, a token, or a disk.
- the processor 14 is configured to receive the CIK 12.
- Receiving the CIK 12 may include inserting the CIK 12 into a slot on the processor 14, swiping the CIK 12 through a card reading mechanism on the processor 14, placing the CIK 12 in contact with a magnetic reading mechanism on the processor 14, inserting the CIK 12 into a disk reader on the processor 14, or a combination thereof, for example.
- the processor 14 may include any processor capable of conducting secure operations. Examples of appropriate processors 14 include handheld radios, laptop computers, desktop computers, general-purpose computers, and telephones. Secure operations may include operation such as encrypting and decrypting communications, encoding and decoding information, or a combination thereof, for example.
- the proximity detector 16 determines if the distance between the CIK 12 and the processor 14 has exceeded a predetermined distance. For example, assuming that a predetermined distance is 5 feet, if the CIK 12 and the processor 14 become separated by more than 5 feet, secure operations are disabled.
- a predetermined distance is 5 feet
- the proximity detector 16 may utilize acoustic energy (e.g., sonic or ultrasonic), electromagnetic energy (e.g., radio frequency, magnetic fields), optic energy (e.g., infrared), or a combination thereof to determine the distance between the CIK 12 and the processor 14.
- Various means may be utilized to determine if the distance between the CIK 12 and the processor 14 has exceeded a predetermined distance.
- the amplitude of a signal may be analyzed.
- the system 100 e.g., processor 14 determines that the predetermined distance has been exceeded and secure operations are disabled.
- the time difference between a transmitted signal and a received signal is analyzed (e.g., compared with a threshold value) to determine if the distance between the CIK 12 and the processor 14 has exceeded a predetermined distance.
- a signal contains information (e.g., counter values, random number sequence values), which is analyzed to determined if a predetermined distance has been exceeded. Also, the transmission power of the signal conveyed between the removable CIK 12 and the processor 14 is limited to establish the predetermined distance. In each of these embodiments, security is maintained by ensuring that signals conveyed between the processor 14 and the CIK 12 are not indicative of the CIK's embedded password. Security is also maintained by ensuring that (protecting) characteristics of the signal(s) conveyed between the removable CIK 12 and the processor 14 are not predictable by an unauthorized user.
- information e.g., counter values, random number sequence values
- Protecting characteristics of the conveyed signal(s) from unauthorized predictability may be accomplished, for example, by the conveyed signals being indicative of randomly (or pseudorandomly) generated numbers, encrypting the conveyed signals, the conveyed signals being indicative of a non-deterministic sequence of number, or a combination thereof.
- the proximity detector 16 resides completely in the CIK 12. In this configuration, the proximity detector 16 transmits a proximity signal 18 for determining the distance between the processor 14 and the CIK 12. The proximity detector 16 receives the return signal 20, which is analyzed to determine the distance between the CIK 12 and the processor 14. The signal 20 may be an echo signal resulting from the proximity signal 18 being reflected by the processor 14 in the direction of the CIK 12 and the proximity detector 16.
- the processor 14 may comprise a repeater (not shown) that receives the proximity signal 18 and transmitted the signal 20 in response to receipt of the proximity signal 18.
- the signal strength of the return signal 20 may by compared to a threshold value of signal strength to determine if a predetermined distance has been exceeded; the return signal 20 may be analyzed by determining the time difference between the transmission of the proximity signal 18 and receipt of the return signal 20 by the proximity detector 16; or a combination thereof. When the determined time difference is greater than a predetermined value, the CIK 12 and the processor 14 are determined to be far enough away from each other (the predetermined distance is exceeded) and secure operations are disabled.
- a plurality of proximity signals 18 are transmitted resulting in a series of pulses.
- the series of pulses are reflected back to the proximity detector 16 via the return signal 20.
- the series of pulses received by the proximity detector 16 via the return signal 20 are detected and analyzed to determine if the CIK 12 and the processor 14 are within the predetermined distance with respect to each other. If, within a predetermined amount of time, no pulses are detected via the return signal 20, it is determined that the distance between the CIK 12 and the processor 14 is greater than the predetermined distance, and secure operations are disabled.
- each pulse of the plurality of pulses may be indicative of a respective counter value.
- each pulse may represent an incremented value (e.g., one pulse representing the counter value 1, the next pulse representing the counter value 2, ). If the difference in the counter values in consecutively received pulses exceeds a predetermined difference, it is determined that the distance between the CIK 12 and the processor 14 is greater than the predetermined distance, and secure operations are disabled.
- the series of pulses may be indicative of a series of randomly generated numbers. If an expected random number value is not received (e.g., via signal 20) for a predetermined number of pulses, the system 100 determines that the distance between the CIK 12 and the processor 14 has exceed the predetermined distance.
- Security is maintained by preventing unauthorized monitoring of the proximity signal 18, the echo signal 20, or a combination thereof.
- One means of maintaining security is to ensure that the CIK's embedded password is not conveyed between the processor and the CIK 12 via the signal 18 and/or the signal 20.
- the proximity signal 18 may be encrypted by encryption/decryption portion 19 of the proximity detector 16 prior to transmission and the return signal 20 may be appropriately decrypted by encryption/decryption portion 19 upon receipt. Encrypting the proximity signal 18 helps to prevent unauthorized reception and copying of the proximity signal 18. Thus, an unauthorized user may be prevented from monitoring the proximity signal 18 and/or the return signal 20, and copying same to trick the processor into "thinking" that the CIK is within the predetermined distance.
- the system 100 may be configured to include manual disable portion 30.
- Manual disable portion 30 allows the user to disable secure operations at any time, regardless of the distance between the CIK 12 and the processor 14.
- the manual disable portion 30 allows the user to immediately disable secure operations.
- the manual disable portion 30 may comprise any appropriate means for allowing the user to disable secure operations, such as a hardware switch or voice activated switch (e.g., positioned on the CIK 12).
- the manual disable portion 30 may interrupt (e.g., stop transmitting) conveyance of the proximity signal 18, may corrupt (e.g., send an invalid sequence) the proximity signal 18, may transmit a signal, such as manual disable signal 21, indicating that secure operations are to be disabled, or a combination thereof.
- Secure operations may be disabled by any appropriate means, for example by disabling a display, disabling a transmitter, disabling a receiver, disabling power, or a combination thereof.
- the manual disable portion 30 includes a means for zeroizing the processor 14, zeroizing the removable CIK 12, or a combination thereof. Zeroizing disables secure operations by equating selected parameters to a predetermined value (e.g., zero). Consequently, secure operations will not be recoverable unless the system is reinitialized.
- the manual disable portion 30 may comprise separate means (e.g., switches), one for disabling secure operations without zeroizing and the other for zeroizing the processor 14.
- the choice of disabling secure operations without zeroizing or zeroing is predetermined. When the user activates the switch, the predetermined function is performed.
- the system 100 may optionally be configured to include a timer to be used to determine the amount of time the distance between the CIK 12 and the processor 14 has exceed the predetermined distance.
- a timer to be used to determine the amount of time the distance between the CIK 12 and the processor 14 has exceed the predetermined distance.
- the user may continue secure operations by either reinserting the CIK 12 into the processor 14 or ensuring that the CIK 12 and the processor 14 are within the predetermined distance from each other. If the distance between the CIK 12 and the processor 14 has exceeded the predetermined distance for greater than the predetermined amount of time, the user may not simply continue secure operations, but will have to reinitialize the system.
- the predetermined distance between the CIK 12 and the processor 14 is 5 feet
- the predetermined amount of time, which the distance between the CIK 12 and the processor 14 may exceed the predetermined distance of feet is 10 seconds.
- the user may walk away from the processor 14 with the CIK 12 in her pocket and be further than 5 feet away from the processor for almost 10 seconds.
- she can walk back to within 5 feet of the processor to continue secure operations.
- she will have to reinsert the CIK 12 into the processor 14 to continue secure processing.
- FIG. 2 is a functional block diagram of another embodiment of a system 100A for conducting secure operations utilizing a removable CIK 12A, wherein the processor 14A comprises the proximity detector 16A.
- the CIK 12A, the processor 14A, the proximity detector 16A, the manual disable portion 30A, the manual disable signal 21A, and the encryption/decryption portion 19A function similarly to the CIK 12, the processor 14, the proximity detector 16, the manual disable portion 30, manual disable signal 21, and the encryption/decryption portion 19 of the system 100, respectively, except that in the system 100A, the processor 14A comprises the proximity detector 16A, and thus the proximity signal 18A and the manual disable signal 21A are transmitted from the processor 14A to the CIK 12A, and the return signal 20A propagates from the CIK 12A to the processor 14A.
- the distance between the CIK 12A and the processor 14A may be determined by analyzing the time difference of the transmission of the proximity signal 18A and receipt by the proximity detector 16A of the return signal 20A, by counting a series of pulses, or a combination thereof.
- Figure 3 is a functional block diagram of yet another embodiment of a system 100B for conducting secure operations utilizing a removable CIK 12B, wherein the CIK 12B and processor 14B comprise portions of the proximity detector 16B.
- the CIK 12B, the processor 14B, the manual disable portion 30B, the manual disable signal 21B, and the encryption/decryption portion 19B function similarly to the CIK 12, the processor 14, the manual disable portion 30, the manual disable signal 21, and the encryption/decryption portion 19 of the system 100, respectively.
- the proximity signal 18B is transmitted from the portion of the proximity detector 16B within the CIK 12B to the portion of the proximity detector 16B within the processor 14B.
- the distance between the CIK 12B and the processor 14B is determined by analyzing pulses, as described above with respect to system 100 of Figure 1.
- FIG. 4 is a flow diagram of an exemplary process for conducting secure operations utilizing a system comprising a removable CIK, a processor, and a proximity detector.
- the CIK is received by the processor at step 42.
- Receiving the CIK may incorporate inserting the CIK into a slot on the processor, swiping the CIK through a card reader on the processor, placing the CIK against a magnetic reader on the processor, or a combination thereof, for example.
- the CIK may remain inserted into the processor while conducting secure operations.
- the CIK must be removed from the processor prior to conducting secure operations.
- Secure operations are enabled at step 46. Secure operations may be enabled via any appropriate means, such as encrypting and decrypting communications, encoding and decoding data, or a combination thereof, for example. It is determined if a distance between the CIK and the processor has exceeded the predetermined distance at step 48. This may be determined by analyzing signal strength, analyzing time differences, analyzing/counting proximity signal pulses, encrypting/decrypting signals, comparing the value of a determined distance with the value of the predetermining distance, or a combination thereof, as described above. At step 50, a decision is made regarding how to proceed depending upon whether the distance between the removable CIK and the processor is within the predetermined distance. If the determined distance is less than or equal to the predetermined distance, than secure operations remain enabled and the distance between the CIK and the processor is determined again (step 48). If the determined distance is greater than the predetermined distance, than secure operations are disabled at step 52.
- a timer may be implemented (e.g., timer 30 of Figure 1, 30A of Figure 2, or 30B of Figure 3) to determine if the distance between the CIK and the processor has exceed the predetermined distance for greater than a predetermined amount of time. If so two options are available, depicted as option A and option B at step 54. Under option A, secure operations may be resumed if the processor receives the CIK (step 42) within the predetermined amount of time. Under option B, secure operations may be resumed if the CIK is positioned within the predetermined distance from the processor (or the processor positioned within the predetermined distance from the CIK) within the predetermined amount of time.
- the user may reinserted the CIK into the processor to continue secure operations (option A) or may position the CIK and the processor within the predetermined distance (option B) to continue secure operations, within the predetermined amount of time (e.g., 10 seconds).
- the predetermined amount of time e.g. 10 seconds
- the user may not simply reinsert the CIK into the processor to continue secure operations, but will have to reinitialize the system. If the distance between the CIK and the processor exceeds the predetermined distance for longer than the predetermined amount of time, the secure operations are disabled at step 56.
- FIG. 5 is a flow diagram of an exemplary process for manually disabling secure operations, in accordance with an embodiment of the present invention. If the user manually disables secure operations (e.g., via manual disable portion 30), it is determined if secure operations are to be disabled without zeroizing or with zeroizing at step 60. This determination may be user selectable (e.g., via a switch) or the determination may be predetermined. If secure operations are to be disabled without zeroizing, secure operations are disabled at step 62 without zeroizing either the processor or the removable CIK. If secure operations are to be disabled by zeroizing, either the processor the removable CIK, or a combination thereof is zeroized at step 64. Zeroizing erases specific parameters stored in the processor, the removable CIK, or a combination thereof (e.g., equates predetermined parameter values in the processor to zero), thus requiring the system to be reinitialized before secure operation may commence.
- the system and method comprising a removable, wireless, CIK, a processor, and a proximity detector, in accordance with the present invention, provide a user the ability to conduct secure operations when the CIK is not physically inserted into the processor. Therefore, if the processor is lost or stolen, unauthorized access to secure data within the processor is denied. This is particularly advantageous as applied to portable processors, such as military handheld radios, laptop computers, wireless phones, and PDAs. Furthermore, the signals used to determine the distance between the CIK and the processor may be encrypted (and appropriately decrypted) to provide a higher level of security.
- a method for conducting secure operations utilizing a removable CIK as described herein may be embodied in the form of computer-implemented processes and system for practicing those processes.
- a method for conducting secure operations utilizing a removable CIK as described herein may also be embodied in the form of computer program code embodied in tangible media, such as floppy diskettes, read only memories (ROMs), CD-ROMs, hard drives, high density disk, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes a system for practicing the invention.
- the method for conducting secure operations utilizing a removable CIK as described herein may also be embodied in the form of computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over the electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes a system for practicing the invention.
- the computer program code segments configure the processor to create specific logic circuits.
Abstract
Description
- The present invention is generally related to cryptographic ignition keys (CIKs), and more specifically related to removable cryptographic ignition keys.
- Information contained on processors, such as laptop computers and programmable digital assistants (PDAs), is often as valuable, if not more valuable, to a user/owner of the processor than the processor itself. Thus, it is often desirable to deny access to information contained on the processor to unauthorized users. One way to accomplish this is through the use of a cryptographic ignition key (CIK). A CIK facilitates the prevention of unauthorized access to a processor thus protecting internally stored information. When the CIK is inserted into the processor, secure operations are allowed. When the CIK is removed from the processor, secure operations are disallowed.
- However, a problem particularly associated with portable processors (e.g., laptop computers, PDAs, and military handheld radios used to conduct secure communications), is that it is possible to misplace the processor, or the processor may be stolen, with the CIK in the processor. This is more likely to happen in situations where the user of the processor expects to be separated from the processor for only a short period of time, and thus does not feel a need to extract the CIK. Examples of such situations include, a user leaving the room where the processor is located to take a short break (e.g., get a drink, smoke a cigarette, go to the bathroom), a user leaving a laptop computer on a chair at the airport, a user placing a laptop on the conveyer belt of an X-ray machine at an airport security checkpoint, or a soldier leaving a military handheld radio in the field. An unauthorized user, stumbling upon, or intentionally taking, a processor having the CIK installed, may wreak havoc with the secure information on the processor. An improved system and method for utilizing a CIK is desired.
- In one embodiment, a system for conducting secure operations utilizing a removable cryptographic ignition key (CIK), includes the removable CIK, a processor, and a proximity detector. The processor is configured to receive the removable CIK. Secure operations are enabled subsequent to receiving the removable CIK. The proximity detector is configured to determine a distance between the removable CIK and the processor. Secure operations are enabled while the removable CIK is within a predetermined distance of the processor, and secure operations are disabled when a distance between the removable CIK and the processor is greater than the predetermined distance.
- In another embodiment, a method for conducting secure operations utilizing a removable cryptographic ignition key (CIK), a processor, and a proximity detector, includes receiving the removable CIK by the processor, wherein secure operations are enabled subsequent to receipt of the removable CIK by the processor. It is determined if a distance between the removable CIK and the processor has exceeded a predetermined distance. Secure operations are enabled while said removable CIK is within the predetermined distance of the processor and secure operations are disabled when a distance between the removable CIK and the processor is greater than the predetermined distance.
- In the drawings:
- Figure 1 is a functional block diagram of a system for conducting secure operations utilizing a removable cryptographic ignition key (CIK) in accordance with an embodiment of the present invention;
- Figure 2 is a functional block diagram of an embodiment of a system for conducting secure operations utilizing a removable CIK, wherein the processor comprises the proximity detector, in accordance with the present invention;
- Figure 3 is a functional block diagram of an embodiment of a system for conducting secure operations utilizing a removable CIK, wherein the CIK and processor comprise portions of the proximity detector, in accordance with the present invention;
- Figure 4 is a is a flow diagram of an exemplary process for conducting secure operations utilizing a system comprising a removable CIK, a processor, and a proximity detector in accordance with the present invention; and
- Figure 5 is a flow diagram of an exemplary process for manually disabling secure operations in accordance with an embodiment of the present invention.
- A removable, wireless, cryptographic ignition key (CIK), as described herein, provides a user the capability to conduct secure operations utilizing a processor as long as the CIK is within the vicinity of the processor, and not necessarily inserted into the processor. CIKs are known in the art, and typically have stored therein a password (or equivalent means) for unlocking the processor's secure operations capability. Thus, secure operations are enabled upon insertion of the CIK into the processor. Example processors include desktop computers, laptop computers, wireless telephones, handheld radios (e.g., military radios requiring secure communications), and personal digital assistants (PDAs). The CIK and the processor may be envisioned as coupled together by a tether (however, the coupling between the CIK and the processor is wireless), enabling secure operations while the CIK is within the vicinity of the processor. Once the CIK and the processor are not in the vicinity of each other, the tether is broken and secure operations are disabled. As described in more detail below, a signal conveyed between the removable CIK and the processor is analyzed to determine if a distance between the removable CIK and the processor are within a predetermined distance. As long as this signal is conveyed, secure operations are enabled. However, if this conveyed signal is interrupted and/or corrupted, secure operations are disabled. In one embodiment, the user has the ability to manually disable secure operations (e.g., by interrupting the conveyed signal or sending a specific signal) regardless of the distance between the CIK and the processor. This capability is particularly advantageous in situations where unauthorized access is being attempted by force.
- Various embodiments of a system for conducting secure operations utilizing a removable CIK are envisioned. In one embodiment, the user inserts the CIK into the processor. Secure operations are enabled upon insertion of the CIK into the processor. In this embodiment, the CIK may remain inserted in the processor while secure operations are conducted, or the user, at her discretion, may remove the CIK from the processor while continuing to conduct secure operations. While the CIK and the processor are within a predetermined distance from each other, secure operations are enabled. However, if the predetermined distance between the removable CIK and the processor is exceeded (e.g., the user leaves the room, the user puts the processor on a moving belt on an X-ray machine at the airport, the processor is stolen), secure operations are disabled. Secure operations may be resumed, upon the CIK being inserted into the processor again. In another embodiment, the user inserts the CIK into the processor and subsequently removes the CIK from the processor. Secure operations are enabled upon removal of the CIK from the processor. In this embodiment, the user may not conduct secure operations until the CIK is removed from the processor. However, as described above, while the CIK and the processor are within a predetermined distance of each other, secure operations are enabled. The user may keep the CIK on her person, such as in her pocket or on a chain around her neck, for example. In yet other embodiments, the user may manually disable secure operations or zeroize portions of the processor and/or the removable CIK from within the predetermined distance. Other embodiments, as described in more detail below, include various configurations of the system.
- Referring now to Figure 1, there is shown a functional block diagram of a
system 100 for conducting secure operations utilizing aremovable CIK 12. Thesystem 100 comprises aprocessor 14, theCIK 12 and aproximity detector 16. In one embodiment, the CIK 12 is battery powered, capable of being removed from theprocessor 14, and wirelessly coupled to theprocessor 14. TheCIK 12 allows conduction of secure operations (e.g., encrypt and decrypt communications) using theprocessor 14. Various forms of theCIK 12 are envisioned. For example, theCIK 12 may be in the form of a key card (e.g., smart card), a key, a token, or a disk. Theprocessor 14 is configured to receive theCIK 12. Receiving theCIK 12 may include inserting theCIK 12 into a slot on theprocessor 14, swiping theCIK 12 through a card reading mechanism on theprocessor 14, placing theCIK 12 in contact with a magnetic reading mechanism on theprocessor 14, inserting theCIK 12 into a disk reader on theprocessor 14, or a combination thereof, for example. - The
processor 14 may include any processor capable of conducting secure operations. Examples ofappropriate processors 14 include handheld radios, laptop computers, desktop computers, general-purpose computers, and telephones. Secure operations may include operation such as encrypting and decrypting communications, encoding and decoding information, or a combination thereof, for example. - The
proximity detector 16 determines if the distance between theCIK 12 and theprocessor 14 has exceeded a predetermined distance. For example, assuming that a predetermined distance is 5 feet, if theCIK 12 and theprocessor 14 become separated by more than 5 feet, secure operations are disabled. Various types ofproximity detectors 16 are envisioned. For example, theproximity detector 16 may utilize acoustic energy (e.g., sonic or ultrasonic), electromagnetic energy (e.g., radio frequency, magnetic fields), optic energy (e.g., infrared), or a combination thereof to determine the distance between theCIK 12 and theprocessor 14. Various means may be utilized to determine if the distance between theCIK 12 and theprocessor 14 has exceeded a predetermined distance. Briefly, in one embodiment, the amplitude of a signal, such a signal transmitted and/or received by theproximity detector 16, may be analyzed. In this embodiment, if the amplitude of the signal (signal strength) becomes too weak (e.g., less than a threshold value), the system 100 (e.g., processor 14) determines that the predetermined distance has been exceeded and secure operations are disabled. In another embodiment, the time difference between a transmitted signal and a received signal is analyzed (e.g., compared with a threshold value) to determine if the distance between theCIK 12 and theprocessor 14 has exceeded a predetermined distance. In yet another embodiment, a signal contains information (e.g., counter values, random number sequence values), which is analyzed to determined if a predetermined distance has been exceeded. Also, the transmission power of the signal conveyed between theremovable CIK 12 and theprocessor 14 is limited to establish the predetermined distance. In each of these embodiments, security is maintained by ensuring that signals conveyed between theprocessor 14 and theCIK 12 are not indicative of the CIK's embedded password. Security is also maintained by ensuring that (protecting) characteristics of the signal(s) conveyed between theremovable CIK 12 and theprocessor 14 are not predictable by an unauthorized user. Protecting characteristics of the conveyed signal(s) from unauthorized predictability may be accomplished, for example, by the conveyed signals being indicative of randomly (or pseudorandomly) generated numbers, encrypting the conveyed signals, the conveyed signals being indicative of a non-deterministic sequence of number, or a combination thereof. - Various configurations of the proximity detector are envisioned as shown in
systems system 100 of Figure 1, theproximity detector 16 resides completely in theCIK 12. In this configuration, theproximity detector 16 transmits aproximity signal 18 for determining the distance between theprocessor 14 and theCIK 12. Theproximity detector 16 receives thereturn signal 20, which is analyzed to determine the distance between theCIK 12 and theprocessor 14. Thesignal 20 may be an echo signal resulting from theproximity signal 18 being reflected by theprocessor 14 in the direction of theCIK 12 and theproximity detector 16. Theprocessor 14 may comprise a repeater (not shown) that receives theproximity signal 18 and transmitted thesignal 20 in response to receipt of theproximity signal 18. The signal strength of thereturn signal 20 may by compared to a threshold value of signal strength to determine if a predetermined distance has been exceeded; thereturn signal 20 may be analyzed by determining the time difference between the transmission of theproximity signal 18 and receipt of thereturn signal 20 by theproximity detector 16; or a combination thereof. When the determined time difference is greater than a predetermined value, theCIK 12 and theprocessor 14 are determined to be far enough away from each other (the predetermined distance is exceeded) and secure operations are disabled. - In another embodiment, a plurality of proximity signals 18 are transmitted resulting in a series of pulses. The series of pulses are reflected back to the
proximity detector 16 via thereturn signal 20. The series of pulses received by theproximity detector 16 via thereturn signal 20 are detected and analyzed to determine if theCIK 12 and theprocessor 14 are within the predetermined distance with respect to each other. If, within a predetermined amount of time, no pulses are detected via thereturn signal 20, it is determined that the distance between theCIK 12 and theprocessor 14 is greater than the predetermined distance, and secure operations are disabled. Alternatively, each pulse of the plurality of pulses may be indicative of a respective counter value. For example, each pulse may represent an incremented value (e.g., one pulse representing the counter value 1, the next pulse representing the counter value 2, ...). If the difference in the counter values in consecutively received pulses exceeds a predetermined difference, it is determined that the distance between theCIK 12 and theprocessor 14 is greater than the predetermined distance, and secure operations are disabled. In yet another embodiment, the series of pulses may be indicative of a series of randomly generated numbers. If an expected random number value is not received (e.g., via signal 20) for a predetermined number of pulses, thesystem 100 determines that the distance between theCIK 12 and theprocessor 14 has exceed the predetermined distance. - Security is maintained by preventing unauthorized monitoring of the
proximity signal 18, theecho signal 20, or a combination thereof. One means of maintaining security is to ensure that the CIK's embedded password is not conveyed between the processor and theCIK 12 via thesignal 18 and/or thesignal 20. Also, theproximity signal 18 may be encrypted by encryption/decryption portion 19 of theproximity detector 16 prior to transmission and thereturn signal 20 may be appropriately decrypted by encryption/decryption portion 19 upon receipt. Encrypting theproximity signal 18 helps to prevent unauthorized reception and copying of theproximity signal 18. Thus, an unauthorized user may be prevented from monitoring theproximity signal 18 and/or thereturn signal 20, and copying same to trick the processor into "thinking" that the CIK is within the predetermined distance. - The
system 100 may be configured to include manual disableportion 30. Manual disableportion 30 allows the user to disable secure operations at any time, regardless of the distance between theCIK 12 and theprocessor 14. The manual disableportion 30 allows the user to immediately disable secure operations. The manual disableportion 30 may comprise any appropriate means for allowing the user to disable secure operations, such as a hardware switch or voice activated switch (e.g., positioned on the CIK 12). The manual disableportion 30 may interrupt (e.g., stop transmitting) conveyance of theproximity signal 18, may corrupt (e.g., send an invalid sequence) theproximity signal 18, may transmit a signal, such as manual disablesignal 21, indicating that secure operations are to be disabled, or a combination thereof. Secure operations may be disabled by any appropriate means, for example by disabling a display, disabling a transmitter, disabling a receiver, disabling power, or a combination thereof. In another embodiment, the manual disableportion 30 includes a means for zeroizing theprocessor 14, zeroizing theremovable CIK 12, or a combination thereof. Zeroizing disables secure operations by equating selected parameters to a predetermined value (e.g., zero). Consequently, secure operations will not be recoverable unless the system is reinitialized. Thus, the manual disableportion 30 may comprise separate means (e.g., switches), one for disabling secure operations without zeroizing and the other for zeroizing theprocessor 14. Alternatively, the choice of disabling secure operations without zeroizing or zeroing is predetermined. When the user activates the switch, the predetermined function is performed. - The
system 100 may optionally be configured to include a timer to be used to determine the amount of time the distance between theCIK 12 and theprocessor 14 has exceed the predetermined distance. In this configuration, if the distance between theCIK 12 and theprocessor 14 has exceeded the predetermined distance for less than or equal to a predetermined amount of time, the user may continue secure operations by either reinserting theCIK 12 into theprocessor 14 or ensuring that theCIK 12 and theprocessor 14 are within the predetermined distance from each other. If the distance between theCIK 12 and theprocessor 14 has exceeded the predetermined distance for greater than the predetermined amount of time, the user may not simply continue secure operations, but will have to reinitialize the system. That is, key parameters will be zeroized and will not be recoverable unless the system is reinitialized. This configuration is applicable to the situation in which a user starts to walk away from theprocessor 14, with theCIK 12 in her pocket, but very quickly realizes that she has the key in her pocket and returns to theprocessor 14. At the point, two options are envisioned. In a first option, if the predetermined amount of time has not been exceed, the user may simply ensure that theCIK 12 is within the predetermined distance from theprocessor 14 and continue secure operations. In a second option, the user will have to reinsert theCIK 12 into theprocessor 14 to continue secure operations. For example, assume that the predetermined distance between theCIK 12 and theprocessor 14 is 5 feet, and assume that the predetermined amount of time, which the distance between theCIK 12 and theprocessor 14 may exceed the predetermined distance of feet is 10 seconds. In this example, the user may walk away from theprocessor 14 with theCIK 12 in her pocket and be further than 5 feet away from the processor for almost 10 seconds. Then, under the first option, within 10 seconds, she can walk back to within 5 feet of the processor to continue secure operations. Under the second option, within 10 seconds, she will have to reinsert theCIK 12 into theprocessor 14 to continue secure processing. - Figure 2 is a functional block diagram of another embodiment of a
system 100A for conducting secure operations utilizing aremovable CIK 12A, wherein theprocessor 14A comprises theproximity detector 16A. TheCIK 12A, theprocessor 14A, theproximity detector 16A, the manual disableportion 30A, the manual disablesignal 21A, and the encryption/decryption portion 19A function similarly to theCIK 12, theprocessor 14, theproximity detector 16, the manual disableportion 30, manual disablesignal 21, and the encryption/decryption portion 19 of thesystem 100, respectively, except that in thesystem 100A, theprocessor 14A comprises theproximity detector 16A, and thus theproximity signal 18A and the manual disablesignal 21A are transmitted from theprocessor 14A to theCIK 12A, and thereturn signal 20A propagates from theCIK 12A to theprocessor 14A. As described above with respect to thesystem 100 of Figure 1, the distance between theCIK 12A and theprocessor 14A may be determined by analyzing the time difference of the transmission of theproximity signal 18A and receipt by theproximity detector 16A of thereturn signal 20A, by counting a series of pulses, or a combination thereof. - Figure 3 is a functional block diagram of yet another embodiment of a
system 100B for conducting secure operations utilizing aremovable CIK 12B, wherein theCIK 12B andprocessor 14B comprise portions of theproximity detector 16B. TheCIK 12B, theprocessor 14B, the manual disableportion 30B, the manual disablesignal 21B, and the encryption/decryption portion 19B function similarly to theCIK 12, theprocessor 14, the manual disableportion 30, the manual disablesignal 21, and the encryption/decryption portion 19 of thesystem 100, respectively. As shown in Figure 3, theproximity signal 18B is transmitted from the portion of theproximity detector 16B within theCIK 12B to the portion of theproximity detector 16B within theprocessor 14B. In this configuration, the distance between theCIK 12B and theprocessor 14B is determined by analyzing pulses, as described above with respect tosystem 100 of Figure 1. - Figure 4 is a flow diagram of an exemplary process for conducting secure operations utilizing a system comprising a removable CIK, a processor, and a proximity detector. The CIK is received by the processor at
step 42. Receiving the CIK may incorporate inserting the CIK into a slot on the processor, swiping the CIK through a card reader on the processor, placing the CIK against a magnetic reader on the processor, or a combination thereof, for example. In one embodiment, the CIK may remain inserted into the processor while conducting secure operations. In another embodiment, the CIK must be removed from the processor prior to conducting secure operations. These two embodiments are depicted atstep 44. - Secure operations are enabled at
step 46. Secure operations may be enabled via any appropriate means, such as encrypting and decrypting communications, encoding and decoding data, or a combination thereof, for example. It is determined if a distance between the CIK and the processor has exceeded the predetermined distance atstep 48. This may be determined by analyzing signal strength, analyzing time differences, analyzing/counting proximity signal pulses, encrypting/decrypting signals, comparing the value of a determined distance with the value of the predetermining distance, or a combination thereof, as described above. Atstep 50, a decision is made regarding how to proceed depending upon whether the distance between the removable CIK and the processor is within the predetermined distance. If the determined distance is less than or equal to the predetermined distance, than secure operations remain enabled and the distance between the CIK and the processor is determined again (step 48). If the determined distance is greater than the predetermined distance, than secure operations are disabled atstep 52. - Optionally, at
step 54, a timer may be implemented (e.g.,timer 30 of Figure 1, 30A of Figure 2, or 30B of Figure 3) to determine if the distance between the CIK and the processor has exceed the predetermined distance for greater than a predetermined amount of time. If so two options are available, depicted as option A and option B atstep 54. Under option A, secure operations may be resumed if the processor receives the CIK (step 42) within the predetermined amount of time. Under option B, secure operations may be resumed if the CIK is positioned within the predetermined distance from the processor (or the processor positioned within the predetermined distance from the CIK) within the predetermined amount of time. For example, if no proximity pulses have been received for less than or equal to the predetermined amount of time (e.g., 10 seconds), the user may reinserted the CIK into the processor to continue secure operations (option A) or may position the CIK and the processor within the predetermined distance (option B) to continue secure operations, within the predetermined amount of time (e.g., 10 seconds). However, if no proximity pulses are received for greater than the predetermined amount of time (e.g., 10 seconds), the user may not simply reinsert the CIK into the processor to continue secure operations, but will have to reinitialize the system. If the distance between the CIK and the processor exceeds the predetermined distance for longer than the predetermined amount of time, the secure operations are disabled atstep 56. - At any time during the process depicted in Figure 4, secure operations may be disable as indicated by the step labeled "X". Figure 5 is a flow diagram of an exemplary process for manually disabling secure operations, in accordance with an embodiment of the present invention. If the user manually disables secure operations (e.g., via manual disable portion 30), it is determined if secure operations are to be disabled without zeroizing or with zeroizing at
step 60. This determination may be user selectable (e.g., via a switch) or the determination may be predetermined. If secure operations are to be disabled without zeroizing, secure operations are disabled atstep 62 without zeroizing either the processor or the removable CIK. If secure operations are to be disabled by zeroizing, either the processor the removable CIK, or a combination thereof is zeroized atstep 64. Zeroizing erases specific parameters stored in the processor, the removable CIK, or a combination thereof (e.g., equates predetermined parameter values in the processor to zero), thus requiring the system to be reinitialized before secure operation may commence. - The system and method comprising a removable, wireless, CIK, a processor, and a proximity detector, in accordance with the present invention, provide a user the ability to conduct secure operations when the CIK is not physically inserted into the processor. Therefore, if the processor is lost or stolen, unauthorized access to secure data within the processor is denied. This is particularly advantageous as applied to portable processors, such as military handheld radios, laptop computers, wireless phones, and PDAs. Furthermore, the signals used to determine the distance between the CIK and the processor may be encrypted (and appropriately decrypted) to provide a higher level of security.
- A method for conducting secure operations utilizing a removable CIK as described herein may be embodied in the form of computer-implemented processes and system for practicing those processes. A method for conducting secure operations utilizing a removable CIK as described herein may also be embodied in the form of computer program code embodied in tangible media, such as floppy diskettes, read only memories (ROMs), CD-ROMs, hard drives, high density disk, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes a system for practicing the invention. The method for conducting secure operations utilizing a removable CIK as described herein may also be embodied in the form of computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over the electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes a system for practicing the invention. When implemented on a general-purpose processor, the computer program code segments configure the processor to create specific logic circuits.
- Although illustrated and described herein with reference to certain specific embodiments, the removable CIK and method for implementing same as described herein is nevertheless not intended to be limited to the details shown. Rather, various modifications may be made in the details within the scope and range of equivalents of the claims and without departing from the spirit of the invention.
Claims (27)
- A system for conducting secure operations utilizing a removable cryptographic ignition key (CIK), said system comprising:said removable CIK;a processor configured to receive said removable CIK;a proximity detector configured to determine if a distance between said removable CIK and said processor is within a predetermined distance, wherein said system is configured to:enable secure operations subsequent to said processor receiving said removable CIK;conduct secure operations while said removable CIK is within said predetermined distance of said processor; anddisable secure operations when a distance between said removable CIK and said processor is greater than said predetermined distance.
- A system in accordance with claim 1, wherein:said system is configured to enable secure operations upon said removable CIK being inserted into and subsequently removed from said processor.
- A system in accordance with claim 1, wherein at least one of said processor and said removable CIK comprise at least a portion of said proximity detector.
- A system in accordance with claim 1, wherein:said proximity detector utilizes at least one of electromagnetic energy, optical energy, and acoustic energy, to determine if a distance between said removable CIK and said processor has exceeded said predetermined distance.
- A system in accordance with claim 1, wherein an amplitude of a signal conveyed between said removable CIK and said processor is analyzed to determine if a distance between said CIK and said processor has exceeded said predetermined distance.
- A system in accordance with claim 1, wherein a transmission power of a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK and said processor has exceeded said predetermined distance is limited to establish said predetermined distance.
- A system in accordance with claim 1, wherein:a signal conveyed between said removable CIK and said processor is indicative of a sequence of values; andsaid sequence of values is analyzed for determining if a distance between said CIK and said processor has exceeded said predetermined distance.
- A system in accordance with claim 1, said proximity detector further comprising:an encryption/decryption portion configured to encrypt and decrypt a signal conveyed between said removable CIK and said processor for determining if a distance between said removable CIK and said processor has exceeded said predetermined distance.
- A system in accordance with claim 1, further comprising a timer configured to determine if a distance between said removable CIK and said processor has exceeded said predetermined distance for greater than a predetermined amount of time.
- A system in accordance with claim 1, wherein characteristics of a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK and said processor has exceeded said predetermined distance are protected from unauthorized predictability.
- A system in accordance with claim 1, further comprising a manual disable portion configured to disable secure operations regardless if a distance between said removable CIK and said processor is within said predetermined distance.
- A system in accordance with claim 11, wherein said manual disable portion disables secure operations by at least one of interrupting and disrupting a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK and said processor has exceeded said predetermined distance.
- A system in accordance with claim 11, wherein said manual disable portion disables secure operations by zeroizing at least one of said removable CIK and said processor.
- A method for conducting secure operations utilizing a removable cryptographic ignition key (CIK), a processor, and a proximity detector, said method comprising:receiving said removable CIK by said processor, wherein:secure operations are enabled subsequent to receipt of said removable CIK by said processor;determining if a distance between said removable CIK and said processor is within a predetermined distance;enabling secure operations while said removable CIK is within said predetermined distance of said processor; anddisabling secure operations when a distance between said removable CIK and said processor is greater than said predetermined distance.
- A method in accordance with claim 14, further comprising:upon receipt of a manual disable signal, disabling secure operations regardless if a distance between said removable CIK and said processor is within a predetermined distance.
- A method in accordance with claim 15, wherein disabling secure operations comprises at least one of zeroizing said removable CIK and zeroizing said processor.
- A method in accordance with claim 15, wherein disabling secure operations upon receipt of a manual disable signal comprises at least one of interrupting and disrupting a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK and said processor has exceeded said predetermined distance.
- A method in accordance with claim 14, wherein secure operations are enabled upon inserting said removable CIK into said processor and subsequently removing said CIK from said processor.
- A method in accordance with claim 14, further comprising:analyzing an amplitude of a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK and said processor has exceeded said predetermined distance.
- A method in accordance with claim 14, further comprising:limiting a transmission power of a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK andsaid processor has exceeded said predetermined distance to establish said predetermined distance.
- A method in accordance with claim 14, further comprising:in a signal indicative of a sequence of values conveyed between said removable CIK and said processor, analyzing said sequence of values for determining if a distance between said CIK and said processor has exceeded said predetermined distance.
- A method in accordance with claim 14, wherein a signal conveyed between said removable CIK and said processor is indicative of at least one of electromagnetic energy, optical energy, and acoustic energy.
- A method in accordance with claim 14, further comprising:determining if a distance between said removable CIK and said processor has exceeded said predetermined distance for greater than a predetermined amount of time; anddisabling secure operations if a distance between said removable CIK and said processor has exceeded said predetermined distance for greater than a predetermined amount of time.
- A method in accordance claim 14, further comprising:protecting characteristics of a signal conveyed between said removable CIK and said processor for determining if a distance between said CIK and said processor has exceeded said predetermined distance from unauthorized predictability.
- A computer readable medium encoded with a computer program code for directing a computer processor to conduct secure operations utilizing a removable cryptographic ignition key (CIK), a secure operations processor, and a proximity detector, said program code comprising:a first code segment for causing said computer processor to receive said removable CIK by said secure operations processor, wherein:secure operations are enabled subsequent to receipt of said removable CIK by said secure operations processor;a second code segment for causing said computer processor to determine if a distance between said removable CIK and said secure operations processor is within a predetermined distance;a third code segment for causing said computer processor to enable secure operations while said removable CIK is within said predetermined distance of said secure operations processor; anda fourth code segment for causing said computer processor to disable secure operations when a distance between said removable CIK and said secure operations processor is greater than said predetermined distance.
- A computer readable medium in accordance with claim 25, said program code further comprising:a fifth code segment for causing said computer processor to, upon receipt of a manual disable signal, disable secure operations regardless if a distance between said removable CIK and said secure operations processor is within a predetermined distance.
- A computer readable medium in accordance with claim 25, said program code further comprising at least one of:a sixth code segment for causing said computer processor to analyze an amplitude of a signal conveyed between said removable CIK and said secure operations processor for determining if a distance between said CIK and said secure operations processor has exceeded said predetermined distance;a seventh code segment for causing said computer processor to limit a transmission power of a signal conveyed between said removable CIK and said secure operations processor for determining if a distance between said CIK and said secure operations processor has exceeded said predetermined distance to establish said predetermined distance; andan eighth code segment for causing said computer processor to analyze a sequence of values in a signal conveyed between said removable CIK and said secure operations processor for determining if a distance between said CIK and said secure operations processor has exceeded said predetermined distance.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/259,866 US7761904B2 (en) | 2002-09-30 | 2002-09-30 | Removable cryptographic ignition key system and method |
US259866 | 2002-09-30 |
Publications (3)
Publication Number | Publication Date |
---|---|
EP1404083A2 true EP1404083A2 (en) | 2004-03-31 |
EP1404083A3 EP1404083A3 (en) | 2004-04-21 |
EP1404083B1 EP1404083B1 (en) | 2006-07-19 |
Family
ID=31977911
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP03021332A Expired - Fee Related EP1404083B1 (en) | 2002-09-30 | 2003-09-19 | Removable cryptographic ignition key system and method |
Country Status (4)
Country | Link |
---|---|
US (1) | US7761904B2 (en) |
EP (1) | EP1404083B1 (en) |
DE (1) | DE60306864T2 (en) |
IL (1) | IL158183A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2426615A (en) * | 2005-05-25 | 2006-11-29 | Charles Richard Whiteman | Proximity key |
WO2010117561A1 (en) * | 2009-04-10 | 2010-10-14 | Raytheon Company | Deceptive mobile communications |
GB2542685A (en) * | 2015-08-04 | 2017-03-29 | Ge Aviation Systems Llc | Cryptographic Ignition Key (CIK) embedded in removable data cartridge |
US9948614B1 (en) * | 2013-05-23 | 2018-04-17 | Rockwell Collins, Inc. | Remote device initialization using asymmetric cryptography |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9336393B2 (en) * | 2003-08-23 | 2016-05-10 | Softex Incorporated | System and method for protecting files stored on an electronic device |
CA2552987C (en) * | 2004-03-26 | 2013-05-28 | Bce Inc. | Security system and method |
US9454657B2 (en) * | 2004-12-03 | 2016-09-27 | Bce Inc. | Security access device and method |
US8307055B2 (en) * | 2008-01-22 | 2012-11-06 | Absolute Software Corporation | Secure platform management device |
US8346234B2 (en) * | 2008-11-08 | 2013-01-01 | Absolute Software Corporation | Secure platform management with power savings capacity |
US20110145314A1 (en) * | 2009-12-11 | 2011-06-16 | Raytheon Company | Communication Architecture for Devices Without Access to a Centralized Server |
US9202059B2 (en) | 2011-03-01 | 2015-12-01 | Apurva M. Bhansali | Methods, systems, and apparatuses for managing a hard drive security system |
US8782315B2 (en) * | 2011-05-10 | 2014-07-15 | Bae Systems Information And Electronic Systems Integration Inc. | Expansion card controller for controlling a radio system |
US20140149729A1 (en) | 2011-07-18 | 2014-05-29 | Ted A. Hadley | Reset vectors for boot instructions |
US20140064489A1 (en) * | 2012-08-31 | 2014-03-06 | High Density Devices As | Method, system and device for encryption key material erasure |
US9990503B2 (en) | 2015-08-04 | 2018-06-05 | Ge Aviation Systems, Llc | Cryptographic key server embedded in data transfer system |
US10002257B2 (en) | 2015-08-04 | 2018-06-19 | Ge Aviation Systems Llc | Cryptographic key loader embedded in removable data cartridge |
US10255420B2 (en) | 2015-08-04 | 2019-04-09 | Ge Aviation Systems, Llc | Configuring cryptographic systems |
US20190026483A1 (en) * | 2017-07-18 | 2019-01-24 | Design SHIFT | Proximity Protected Keyless Security System |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5548721A (en) * | 1994-04-28 | 1996-08-20 | Harris Corporation | Method of conducting secure operations on an uncontrolled network |
US5887064A (en) * | 1987-09-09 | 1999-03-23 | Siemens Aktiengesellschaft | Cryptographic equipment |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5288981A (en) * | 1991-10-25 | 1994-02-22 | Allsafe Company, Inc. | Method and apparatus for encoding machine readable serial encryptedmagnetic data |
KR0160682B1 (en) * | 1995-03-14 | 1998-12-15 | 김광호 | Personal computer with illegal use prevention operation by chip-in card |
US5742756A (en) * | 1996-02-12 | 1998-04-21 | Microsoft Corporation | System and method of using smart cards to perform security-critical operations requiring user authorization |
US6088450A (en) * | 1996-04-17 | 2000-07-11 | Intel Corporation | Authentication system based on periodic challenge/response protocol |
US5892901A (en) * | 1997-06-10 | 1999-04-06 | The United States Of America As Represented By The Secretary Of The Navy | Secure identification system |
US6260111B1 (en) * | 1997-08-15 | 2001-07-10 | International Business Machines Corporation | System and method for network power management incorporating user identity and preferences via a power managed smart card |
US6189105B1 (en) * | 1998-02-20 | 2001-02-13 | Lucent Technologies, Inc. | Proximity detection of valid computer user |
DE10084966C5 (en) * | 1999-09-17 | 2017-11-16 | Ericsson Inc. | Safe zones for portable electronic devices |
GB0111989D0 (en) * | 2001-05-16 | 2001-07-04 | Ncr Int Inc | Card reader |
-
2002
- 2002-09-30 US US10/259,866 patent/US7761904B2/en not_active Expired - Fee Related
-
2003
- 2003-09-19 EP EP03021332A patent/EP1404083B1/en not_active Expired - Fee Related
- 2003-09-19 DE DE60306864T patent/DE60306864T2/en not_active Expired - Lifetime
- 2003-09-30 IL IL158183A patent/IL158183A/en not_active IP Right Cessation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5887064A (en) * | 1987-09-09 | 1999-03-23 | Siemens Aktiengesellschaft | Cryptographic equipment |
US5548721A (en) * | 1994-04-28 | 1996-08-20 | Harris Corporation | Method of conducting secure operations on an uncontrolled network |
Non-Patent Citations (2)
Title |
---|
B.D.NOBLE, M.D.CORNER: "The Case for Transient Authentication" SIGOPS'02, [Online] 8 August 2002 (2002-08-08), XP002270442 Retrieved from the Internet: <URL:http://mobility.eecs.umich.edu/papers /sigops02.pdf> [retrieved on 2004-02-02] * |
M.D.CORNER, B.D.NOBLE: "Zero-Interaction Authentication" MOBICOM'02, [Online] 25 September 2002 (2002-09-25), XP002270441 Atlanta Retrieved from the Internet: <URL:http://mobility.eecs.umich.edu/papers /mobicom02.pdf> [retrieved on 2004-02-02] * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2426615A (en) * | 2005-05-25 | 2006-11-29 | Charles Richard Whiteman | Proximity key |
GB2426615B (en) * | 2005-05-25 | 2010-03-03 | Charles Richard Whiteman | Proximity key with alarm function |
WO2010117561A1 (en) * | 2009-04-10 | 2010-10-14 | Raytheon Company | Deceptive mobile communications |
US9948614B1 (en) * | 2013-05-23 | 2018-04-17 | Rockwell Collins, Inc. | Remote device initialization using asymmetric cryptography |
GB2542685A (en) * | 2015-08-04 | 2017-03-29 | Ge Aviation Systems Llc | Cryptographic Ignition Key (CIK) embedded in removable data cartridge |
GB2542685B (en) * | 2015-08-04 | 2018-03-07 | Ge Aviation Systems Llc | Cryptographic Ignition Key (CIK) embedded in removable data cartridge |
Also Published As
Publication number | Publication date |
---|---|
US7761904B2 (en) | 2010-07-20 |
IL158183A (en) | 2008-11-26 |
DE60306864T2 (en) | 2007-09-06 |
EP1404083A3 (en) | 2004-04-21 |
EP1404083B1 (en) | 2006-07-19 |
DE60306864D1 (en) | 2006-08-31 |
US20040064720A1 (en) | 2004-04-01 |
IL158183A0 (en) | 2004-03-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7761904B2 (en) | Removable cryptographic ignition key system and method | |
US6628198B2 (en) | Security system for preventing a personal computer from being stolen or used by unauthorized people | |
US7103782B1 (en) | Secure memory and processing system having laser-scribed encryption key | |
US7134015B2 (en) | Security enhancements for pervasive devices | |
US6157722A (en) | Encryption key management system and method | |
US6996547B1 (en) | Method for purchasing items over a non-secure communication channel | |
US20070271596A1 (en) | Security, storage and communication system | |
US20100031349A1 (en) | Method and Apparatus for Secure Data Storage System | |
KR20110030486A (en) | Decoupling of measuring the response time of a transponder and its authentication | |
WO2007103298A2 (en) | Security, storage and communication system | |
EP1547008A1 (en) | A challenge-response-based tag and reader authentication system and method | |
US20060059367A1 (en) | Radio frequency identification tag lock and key | |
US11805111B2 (en) | Secure RFID tag identification | |
KR101506549B1 (en) | Secure entrance method for preventing interception of radio messages and System using the method | |
US8683211B2 (en) | Method of projecting a secure USB key | |
JP2000155876A (en) | Burglarproof device | |
JP2011090693A (en) | Authentication system for mobile terminal and mobile terminal | |
CN100483297C (en) | Device and method for securing and monitoring protected data | |
KR101580611B1 (en) | Security information method of rfid reader and tag | |
Wang | Information security vulnerabilities of NFC technology and improvement programs | |
US8430323B2 (en) | Electronic device and associated method | |
TWI234380B (en) | Mobile communication system and verification method | |
EP1239358A2 (en) | Security system for preventing a personal computer from being stolen or used by unauthorized people | |
KR20110053030A (en) | Security usb device and method for access control using rfid | |
Shemaili | RFID Security, Privacy and Authentication for Smart E-Travel |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
PUAL | Search report despatched |
Free format text: ORIGINAL CODE: 0009013 |
|
17P | Request for examination filed |
Effective date: 20030919 |
|
AK | Designated contracting states |
Kind code of ref document: A2 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK |
|
AK | Designated contracting states |
Kind code of ref document: A3 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK |
|
17Q | First examination report despatched |
Effective date: 20040802 |
|
AKX | Designation fees paid |
Designated state(s): DE FR GB |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAC | Information related to communication of intention to grant a patent modified |
Free format text: ORIGINAL CODE: EPIDOSCIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): DE FR GB |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REF | Corresponds to: |
Ref document number: 60306864 Country of ref document: DE Date of ref document: 20060831 Kind code of ref document: P |
|
ET | Fr: translation filed | ||
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
26N | No opposition filed |
Effective date: 20070420 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 14 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 15 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 16 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R082 Ref document number: 60306864 Country of ref document: DE Representative=s name: WUESTHOFF & WUESTHOFF, PATENTANWAELTE PARTG MB, DE Ref country code: DE Ref legal event code: R081 Ref document number: 60306864 Country of ref document: DE Owner name: HARRIS GLOBAL COMMUNICATIONS, INC., ALBANY, US Free format text: FORMER OWNER: HARRIS CORP., MELBOURNE, FLA., US |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: 732E Free format text: REGISTERED BETWEEN 20190207 AND 20190213 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 20190925 Year of fee payment: 17 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: DE Payment date: 20200921 Year of fee payment: 18 Ref country code: GB Payment date: 20200917 Year of fee payment: 18 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200930 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R079 Ref document number: 60306864 Country of ref document: DE Free format text: PREVIOUS MAIN CLASS: H04L0029060000 Ipc: H04L0065000000 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R119 Ref document number: 60306864 Country of ref document: DE |
|
GBPC | Gb: european patent ceased through non-payment of renewal fee |
Effective date: 20210919 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20210919 Ref country code: DE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20220401 |